Sean Spicer Launches Witch Hunt Over The 'Secure' App He Just Said Was No Big Deal

from the keep-up dept

So here's a story that goes from weird to bizarre in record time. A few weeks ago, Axios was among the first to report that White House staffers were using an app called "Confide" to make use of its disappearing message feature, specifically to avoid putting things down on the record, that might later be leaked or revealed:

We spoke with one influential GOP operative who is using the app. He told us he especially likes that Confide makes it harder to take a screenshot—you have to slide your fingers over text and it only captures a portion of the screen. He also likes the integration with iMessage, allowing him to write self-destructing encrypted messages within the confines of the iPhone's standard-issue messaging platform.

He says Republicans like him are especially paranoid about their communications after Hillary Clinton's email scandal. "For folks that are on the inside in this city, it provides some cover," he said.

BuzzFeed News found the phone numbers of Spicer, along with Hope Hicks, the director of strategic communications, via a feature that allows users to see friends who have already joined.

In a phone call with BuzzFeed News, Spicer confirmed that he used the app, but said that he had done so only once, when asked to by a reporter “months ago.” He offered to show a BuzzFeed News reporter his phone as proof.

“I downloaded it, but I’m glad to show anyone my phone and that I’ve literally sent one message on Confide,” said Spicer. “These are personal phones… I also have iTunes on my personal phone, Solitaire, and other apps. Frankly I think the idea that you guys are writing a story, the idea of what apps I use on my phone, is an invasion of my privacy.”

Of course, if the messages are deleted soon after sending, as the app advertises, then showing the app to a reporter doesn't really prove much of anything. Either way, hold that thought.

Security experts have ripped apart Confide, saying that it's claims of being secure are "a triumph of marketing over substance," however others in the White House are making use of an app that is generally considered more secure: Signal.

And, apparently, that has some in Congress worried that the apps are being used not to undermine things like federal record keeping laws, but rather that it may be used by people inside the government to go undermine the administration or to leak information to the press.

And, indeed, this weekend it was reported that Sean Spicer (remember him from above?) conducted a surprise leak crackdown last week, ordering staffers into a conference room and then searching their phones for Confide or other apps, and telling them not to use such apps:

Upon entering Spicer’s office for what one person briefed on the gathering described as “an emergency meeting,” staffers were told to dump their phones on a table for a “phone check," to prove they had nothing to hide.

Spicer, who consulted with White House counsel Don McGahn before calling the meeting, was accompanied by White House lawyers in the room, according to multiple sources.

There, he explicitly warned staffers that using texting apps like Confide — an encrypted and screenshot-protected messaging app that automatically deletes texts after they are sent — and Signal, another encrypted messaging system, was a violation of the Presidential Records Act, according to multiple sources in the room.

Leaving aside, for now, the humor in this information (of course) then leaking to the press, it does seem somewhat amusing that Spicer is now suddenly running surprise phone checks on staff members over these apps when he, himself, admits to having used at least Confide, and his insisting that its presence on his phone was really no big deal. Remember, "Frankly I think the idea that you guys are writing a story, the idea of what apps I use on my phone, is an invasion of my privacy." And yet... it's not such an invasion of privacy to suddenly order lower ranked staff members into a conference room to do a "phone check" to see if they have any of those apps on their phones?

Oh the irony and hypocrisy when the team that screamed "her emails!" so much didn't learn to use official channels from the Clinton issue, but just learned to work harder at hiding their electronic use policy violations.

fact or fiction it is a lose lose situation

Of course now the administration is claiming that they purposely leaked this story to make newspapers look bad because it didn't actually happen. At least according to spicer.

Honestly on this particular thing I don't know who to believe, politico or the whitehouse. However I know that with every issue like this I believe the administration less and less. Of course it is hard to lose confidence in a president when you had none to begin with.

Re: fact or fiction it is a lose lose situation

What should we think of an administration that would leak a story to the press to make the press look bad. Particularly an administration that is at war with the press and publicly and brazenly declares the press the enemy of the people.

Wow. Just wow.

Don't know whether to believe politico or the whitehouse. That sounds like the result of someone who would run a disinformation campaign to undermine the public trust in everything. At some point the public will question basic facts like whether the sun rises in the East or West.

Every time I think I can lose no more confidence in the president or his administration, something new happens that makes my jaw drop even lower.

Re: fact or fiction it is a lose lose situation

You don't have to believe anybody. A healthy skepticism is usually good policy, especially when it comes to stories from anonymous sources.

I think that most of the leaks that have come out about the administration have been plausible (and obviously the one about Flynn's communication with Russia had legs), but there's a difference between "it's plausible" and "it's true." I think it's quite clear that there are rival factions within the administration all seeking to undermine one another, and also that there are people within the intelligence community who are deliberately seeking to undermine the President. Regardless of your feelings on Trump (and I think he's a dangerous lunatic), that's not something to celebrate; CIA versus Trump is like Alien versus Predator: whoever wins, we lose.

The enemy of your enemy is not your friend, and it's unwise to believe a story just because it reinforces your preconceived notions.

Re: fact or fiction it is a lose lose situation

The rival factions thing has some traction personally. In particular after the two good ol' boys making nice at the CPAC. Steve Bannon slings shit really fast, is noted for off the cuff riffs, on pizzas for for instance. The make nice was clearly staged.

Of course then entire Trump Bunch have no real idea how the government actually works, they just know they want to disable the Executive branch completely, except for Der Groper. And their own job, that goes without lying.

"I didn't rob that store, I was mugging a homeless person at the time!"

Of course now the administration is claiming that they purposely leaked this story to make newspapers look bad because it didn't actually happen. At least according to spicer.

So the WH lied, and knowingly told the press something that was blatantly untrue, and the press reported what they were told as true, and the press is supposed to be the one that comes out looking bad?

Whether deliberate lie or weak attempt at spin to make something that did happen look 'good', neither has the WH coming out on top.

Re: How is this not a violation of the 4th amendment?

Because the 4th amendment only applies to the government. While this would APPEAR to apply at first glance, under the law, a staffer working at the white house is treated no differently than a staffer working at a private corporation as far as 4th amendment protection is concerned.

If the phone is a work-issued phone, then it's the corporation's property. They don't have to even ASK you to see their own property. They can point-blank demand it because the phone is theirs.

As to your personal phone, any employer in the US can demand to see your phone, right now, and they can fire you on the spot for refusing, though you do have the right to refuse.

This is a little secret about most rights we have under the constitution: just because you have a right doesn't mean you won't be punished for exercising it. You can stand on the sidewalk just outside your local church and preach the gospel of the Flying Spaghetti Monster and as long as you aren't so loud as to be a valid noise complaint, there's nothing they can do to stop you, but good luck getting a job, a girlfriend, or the time of day from basically anyone if you do. You may also be committed to a psychiatric facility if the local police don't get the reference.

That said, your employer cannot, on the other hand, force you to unlock your personal phone (or fire you if you refuse to), because they have tried that before, been sued, and lost. I mean, they CAN, but they know if they do, you can sue them for wrongful termination and there's precedent on your side, so they'd have to be pretty stupid to do so.

Maybe you should get your news from a better source than buzzfeed. He never said it was no big deal, he rightfully stated that its use was in violation of transparency laws.

[Spicer] explicitly warned staffers that using texting apps like Confide — an encrypted and screenshot-protected messaging app that automatically deletes texts after they are sent — and Signal, another encrypted messaging system, was a violation of the Presidential Records Act, according to multiple sources in the room.

Re: Maybe you should get your news from a better source than buzzfeed.

Re:

Sure, but that's an excuse. Do you think Trump's more concerned with complying with the Presidential Records Act, or with stopping leaks?

Hint: you may want to check the amount of time he's spent expressing his concern over Presidential Records Act compliance over the past couple of weeks, and compare it to the amount of time he's spent swearing he's going to crack down on leaks.

I'm not sure what the point is?

So, EMPLOYEES were told to hand over their phones to make sure they weren't using software that violated the law.

Anyone who thinks that is odd hasn't worked a real job.

I work for a hospital. If I want to access any work related information, I pretty much have to have invasive software installed on my phone, use a VPN to connect to work and my phone is continuously scanned for new software to prevent it being hijacked. All so that no patient information gets out.

I have three options: 1) Do it and get access, 2) Don't do it and don't get access, 3) Quit

Personally, I opted for #2, but if I absolutely needed access, I'd only have options 1 or 3.

That's life. Deal or be dealt out.

It's the same with the government I assume, only more so since we're talking levels of classified information. Anytime they feel they're being treated unfairly... there's the door.

Re: I'm not sure what the point is?

I promise you that I work at a "real job", and I don't care who demands to see my phone, boss, CEO, whatever, they will be told to jump up a fat dog's ass. And if I got fired over it, I would be looking at a yuge wrongful termination suit.

Re: I'm not sure what the point is?

Re: I'm not sure what the point is?

"have to have invasive software"Your hospital CANNOT force you to install their MDM solution unless you want to connect it to their resources. In most situations I have been in IT will provide the phone. If your duties require you to have 24/7 access then have them provide a phone, or get them to reimburse you for another.

"Anyone who thinks that is odd hasn't worked a real job."Well I have. I have rolled out MDM solutions, AirWatch, MaaS360, and XenMobile. So if some IT guy is asking to search through your phone pre MDM, tell him after you see his first. And then ask if you could see his phone. BLAH!!! Just kidding. Anything on your phone would be handled by application management.

The majority of MDM I have set up have done a few common things mostly. Force a pin, encrypt the phone, having the ability to do a remote wipe, SSO, making sure the device is of a certain patch level. Nobody is using it to look at your nekkid selfies.

Lastly, I gathered from your statement that your access is not critical. So its a convenience. It's nice enough that the place you work gives you the option. They have to protect their data first and foremost. Your feelings on the matter are not relevant. You want the convenience? You accept the measures required for that convenience.

Re:

wouldnt it be NICE...If everything in the GOV. was to be Public knowledge...RELEASED, in 4 years or LESS...Yes, SOME things are Secret..but SHOULD NEVER be hidden for 20+ years...AFTER all those concerned are DEAD/DYING/MOVEd to another country, or the Statute of Limitations has RUN OUT..

Re:

***a couple of large dumpsters of finely chopped paper appear at your desk. Then you see some half mangled hard drives and phones and you notice they look like someone tried to shred them as well but they got jamed in the blades of the shredder.***

The new administration has a problem with leaks. There is no one best solution, but I actually think they may be starting to do the right thing, which is the opposite of what you think.

Step 1 is to try to secure the ship as best you can. Make a solid sweep so you look like you are serious about it, so random staff members are less likely to take the risk to leak stuff. It's sounds pretty much like what they are doing and that is good.

What is more secret is step 2: Overwhelm the leaks with more leaks that are entirely plausible but entirely false. Hand the media a bucket load of leaked stories that end up not being true, and you end up discrediting the leaking process. Keep it pretty constant, throw in a few nuggets that are in fact true (but unimportant) and generally muddy the waters until the media no longer is willing to accept leaks on their face without some checking. All the while, the Cheetos In Chief can yell about fake news and pretty much discredit the media. Given enough time, this buys the administration a whole bunch of space to do all sorts of stupid shit without anyone wanting to report it in case it's not true.

Considering that Bannon has control (direct or indirect) over a fair pile of the conservative media apparatus, it's not hard to make this work out.

Re:

Keep it pretty constant, throw in a few nuggets that are in fact true (but unimportant) and generally muddy the waters until the media no longer is willing to accept leaks on their face without some checking

If they really could secure the leaking from White House staff, intelligence agencies, DOJ, etc. then this wouldn't be necessary. And if they can't, then it wouldn't be sufficient. If they have 12 leaks and 10 of them are saying one thing and 2 something different, they can be fairly sure which is correct. And if they actually know who the leakers are, then it's even easier to tell which to trust.

If they really could secure the leaking from White House staff, intelligence agencies, DOJ, etc. then this wouldn't be necessary. And if they can't, then it wouldn't be sufficient. If they have 12 leaks and 10 of them are saying one thing and 2 something different, they can be fairly sure which is correct. And if they actually know who the leakers are, then it's even easier to tell which to trust